As the Internet becomes an important method for organizations to provide access to mission critical applications, security becomes a larger and more prevalent issue of concern. Often an organization may deploy security mechanisms that enable remote access while maintaining a level of authentication and authorization to those resources. For example, many organizations employ IPSec virtual private networks (VPNs) to provide employees with remote access to the organization's resources. Employees are often allowed to obtain access to important resources from a variety of computing devices, including kiosks, mobile devices, and home computers, as well as computing devices provided and maintained by the organization.
However, use of computing devices that are not maintained by the organization may still result in increased security risks. For example, such computing devices may be inadequately configured with the security components that an organization may demand. As such, although the end-user may be sufficiently authenticated for access, the computing device employed to obtain that access may be inadequate. Requiring that every employee use only those computing devices that are issued and maintained by the organization, however, is often both impractical and costly. Thus, there is a need in the industry to better secure enterprise resources accessed by remote computing devices. Therefore, it is with respect to these considerations and others that the invention has been made.